Proof of concept with totp

author: Yves Fischer <yvesf-git@xapek.org> 2018-11-26 01:35:11 +0100
committer: Yves Fischer <yvesf-git@xapek.org> 2018-11-26 01:35:11 +0100
commit: 3b89dc69da0f88cf8e2290523fa50656ac2ebb5d (patch)
tree: 105313b862ca7d8a123a37c279508081744a90d9 /test/etc/nginx.conf
download: nginx-auth-totp-3b89dc69da0f88cf8e2290523fa50656ac2ebb5d.tar.gz
nginx-auth-totp-3b89dc69da0f88cf8e2290523fa50656ac2ebb5d.zip
1 files changed, 35 insertions, 0 deletions
diff --git a/test/etc/nginx.conf b/test/etc/nginx.conf
new file mode 100644
index 0000000..3477353
--- /dev/null
+++ b/test/etc/nginx.conf
@@ -0,0 +1,35 @@
+# nginx -p . -c nginx.conf
+
+pid /tmp/nginx.example.pid;
+
+daemon off;
+
+events {
+  worker_connections 5;
+}
+
+http {
+  access_log /dev/stdout;
+  error_log /dev/stderr;
+
+  server {
+    server_name localhost;
+
+    location /auth {
+        rewrite    /auth/(.+) /$1 break;
+        proxy_pass http://127.0.0.1:8080; # This is the TOTP Server
+        proxy_set_header X-Totp-Secret baadf00d;
+        proxy_set_header X-Totp-Secret deadc0de;
+    }
+
+    # This ensures that if the TOTP server returns 401 we redirect to login
+    error_page 401 = @error401;
+    location @error401 {
+      return 302 /auth/login$request_uri;
+    }
+
+    location / {
+      auth_request /auth/check;
+    }
+  }
+}
+\ No newline at end of file
author	Yves Fischer <yvesf-git@xapek.org>	2018-11-26 01:35:11 +0100
committer	Yves Fischer <yvesf-git@xapek.org>	2018-11-26 01:35:11 +0100
commit	3b89dc69da0f88cf8e2290523fa50656ac2ebb5d (patch)
tree	105313b862ca7d8a123a37c279508081744a90d9 /test/etc/nginx.conf
download	nginx-auth-totp-3b89dc69da0f88cf8e2290523fa50656ac2ebb5d.tar.gz nginx-auth-totp-3b89dc69da0f88cf8e2290523fa50656ac2ebb5d.zip